Sometimes when we’re away from home, our phone runs out of power. In such cases, if you don’t have a power bank with you, the only way to charge your device is at a public charging station. Here’s everything you need to know about charging.
While public charging stations are a great option if your phone has a dead battery, they can also be useful tools for hackers.
The fact is that USB charging stations can be designed to introduce malware and steal data from everyone who uses them.
When hackers use ports in this way, it’s called “juice-jacking”.
How juice-jacking was created
The “juice-jacking” concept was first demonstrated at the DEF CON conference in 2011. Free charging stations were advertised at the security conference. Everyone who plugged in their device received a warning message explaining the dangers of public charging stations.
DEF COM is a security conference, and many of the attendees are ethical hackers. Despite this, more than 360 people plugged in their devices.
“Juice-jacking” is possible because of the way USB ports are designed. USB is mostly used in conjunction with phones for charging but is equally suitable for data transfer. Every time you plug in your phone for charging, you’re also potentially opening the door for data transfer.
Of course, as technology has evolved, this threat has come to be considered a potential rather than a real threat, since most phones now ask permission before they start transferring data.
This means that as long as the user is careful, any hacking will be stopped immediately. It’s unknown if hackers will find a way around this protection.
Juice-jacking can be used not only to steal but also to install malware on your device.
How hackers can use juice-jacking against you
Luckily for most people, if data is stolen from their phone, the damage isn’t great. Usually, people only store photos and contacts there.
However, if you have something important on your memory card, you should still be wary of juice-jacking. This method can be easily used to steal the data of specific people who are known to have valuable information.
As for the possibility of attackers downloading malicious software to you, this is a potential threat to anyone and with much more serious consequences. The charging station can be programmed to install a keylogger that will record any passwords entered into the phone.
The malware can also be installed to track the location of your phone or record any phone calls you make. It can even be used to completely lock your phone.
How to prevent juice-jacking on your phone
Of course, this threat isn’t a sentence. Avoiding data hijacking is easy, as is introducing malware in a similar way. Ways to charge your phone in a public place without the risk of malware infections further down:
- This attack requires you to plug your phone into the network through a USB connection. A safe alternative is to carry your own charger and use public electrical outlets. It isn’t possible to program a regular outlet.
- As mentioned in the beginning, public substations are only an alternative to portable battery banks for charging your phone. Battery banks and spare batteries are inexpensive, and you can use them to charge your phone for a week, but not all of them. These devices are certainly handy, even if you’re not trying to avoid malicious charging stations.
- It’s also interesting that such an attack on your phone isn’t possible if you need a PIN code to unlock it. If you decide to use a public charging station, make sure you locked your phone with a PIN code.
- You can purchase USB cables designed for charging only. This means that they transmit power, but cannot be used to transmit potentially malicious data.
If you have such a cable with you, you can use a malicious port without fear. They’re also useful if you want to charge your phone with a computer you don’t trust.